A recent vulnerability in the latest Adobe Flash version lead to a massive attack. More than 220000 pages on the Internet have been hacked most likely with an automated tool using a SQL injection attack. Those pages, some of well respected companies such as Nokia but also many non-profit organizations and town websites, redirect the user to websites that host the exploits for the Flash vulnerability.

If the system meets the requirements the exploit is used to download and execute trojans that steal information and droppers that download additional trojans. Information that are stolen are for example World of Warcraft account information while the droppers download files that add the computer to a botnet. (according to Trendmicro)

Most antivirus companies have already updated their software to disable the possibility that this exploit can be used on the computer the software is running on. Your best bet if you do not use antivirus software is to either disable Flash for now or use an extension like NoScript to block Flash on every domain but trusted ones.

continue reading "Vulnerabilities in latest Flash version"

I was not able to find a lot of test results about CA Anti-virus 2008 on the Internet (Zdnet has one that includes spyware protection, here is a second) but it seems to be a solid antivirus software, not the best and not the worst. The offer itself is interesting. You do get a free license of CA Anti-virus 2008 that can be installed on three computers. This package usually retails for $39.99.

CA Anti-virus 2008 detects viruses, trojans and worms but not spyware and rootkits. It’s currently compatible to the 32-bit editions of Windows 2000, XP and Windows Vista.

Here is what you need to do to get your free license. Visit the promo homepage and fill out your registration details. The page is in German, enter the following details from top to bottom: First Name, Last Name, Country, Email, Email Repeat, Password, Password Repeat. A click on Senden submits the form and an email will be dispatched that contains a link to the download page that also contains the serial number.

continue reading "Free 1 Year 3 Computer CA Anti-virus 2008 License"

I have written an article about Flash Cookies last year and it turned out that several users did not know they existed and were grateful that they were now able to take care of them. Flash Cookies are not stored in the usual location where the other cookies are stored but in %APPDATA%\Macromedia\Flash Player on a computer running Microsoft Windows, ~/.macromedia in Linux and ~/Library/Preferences/Macromedia/Flash Player in Mac OS X.

Users can delete the cookies in that directory regularly or on a website. There is no direct way in Firefox to delete those cookies. That is, until now. The Firefox extension Better Privacy is a cookie manager for LSO Flash Objects and DOM Storage Objects. Flash Cookies (Local Shared Objects) are placed on the computer by a Flash application like the Youtube Video Player.

These cookies can be set to never expire which is obviously an excellent opportunity to track and analyze users. Another difference between flash and normal cookies is the size limitation. Normal cookies cannot exceed 4KB while Flash Cookies have a default size of 100 Kilobyte but the range is between 0 and Unlimited Kilobytes !

continue reading "Manage Flash Cookies with Better Privacy"

Referrer is a variable that is automatically submitted when accessing sites on the Internet. If you click on the link to the RefControl Firefox add-on on my site the Mozilla website will see the url of this article as the referrer which simply means the site the user came from. Sometimes the referrer is empty if you enter a url directly in the location bar.

Controlling the referrer variable can be useful under two circumstances. The first is plain paranoia. You do not want that sites can track your movement or know where you came from. This is probably going a bit far but some might find it useful. A far more interesting circumstance is the second in my opinion. Some websites protect their content by using referrer checks.

If you take the Wallstreet Journal Online site for instance. They check if a visitor came from Digg and if he did show him the whole article. If you open the site directly you only see an extract of it normally.

continue reading "Firefox Referrer Control"

One common strategy to infect a computer is to use the autorun information of a removable drive, most likely an USB device, to infect the computer as soon as the user double-clicks the drive. If the computer is protected by antivirus software the attack will most likely be stopped in its tracks but the manipulated autorun.inf file on the USB device will more often than not remain untouched.

Here is a short explanation if you have never heard of autorun.inf files before: It contains information about files and processes that are automatically executed when a disk is inserted or double-clicked. Autorun is often confused with autoplay but they are not the same. Autorun is directly related to the autorun.inf file on the disk while autoplay automatically reacts to new devices or media, for example a music CD is automatically played in Windows when inserted.

Autorun Eater takes care of autorun.inf files before it can be executed on the system. This is done my actively monitoring the system in real time. It will automatically remove suspicious autorun.inf files and store them in a secure space in case of a false positive.

continue reading "Autorun Eater"